Elasticsearch: Difference between revisions
From Halfface
No edit summary |
|||
| Line 13: | Line 13: | ||
<pre> | <pre> | ||
curl -n -sk -X GET "https://localhost:9200/<index>/_search | curl -n -sk -X GET "https://localhost:9200/<index>/_search | ||
{ | |||
"size": 1, | |||
"sort": [ | |||
{ "@timestamp": { "order": "desc" } } | |||
] | |||
} | |||
</pre> | </pre> | ||
=Stats of elasticsearch= | =Stats of elasticsearch= | ||
<pre> | <pre> | ||
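Review bot: The JSON body added under the `_search` line in the first `<pre>` block is never sent to curl. The URL's opening double quote is not closed, and there is no `-d` option or `Content-Type: application/json` header, so the command cannot be pasted and run as written. Suggest closing the quote after `_search` and passing the body with `-H 'Content-Type: application/json' -d'{ ... }'`, the same form the page's string-search command uses.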
Revision as of 10:49, 10 September 2025
What does it mean
cdm: Continuous Diagnostics Mitigation
cdm: client data master
Add the password to ~/.netrc and use curl -n so curl reads the credentials from that file
~/.netrc:
machine localhost login <username> password <password>
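Because ~/.netrc holds the password in plain text, it is worth checking the file before relying on `curl -n`. The following is an added example, not part of the original page: `check_netrc`, `es_get`, `ES_NETRC` and `ES_CA` are hypothetical names, and `es_get` assumes a CA certificate is available so that `--cacert` can be used in place of `-k`.

```shell
#!/bin/sh
# Added example, not from the original page. check_netrc, es_get, ES_NETRC
# and ES_CA are hypothetical names chosen for this sketch.

# check_netrc FILE HOST
# Succeeds only if FILE exists, is closed to group/other, and has a
# "machine HOST" entry carrying both a login and a password token.
check_netrc() {
    nf=$1 nh=$2
    [ -f "$nf" ] || { echo "netrc: $nf not found" >&2; return 1; }
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld "$nf" | cut -c5-10)" != "------" ]; then
        echo "netrc: $nf is accessible to group/other; chmod 600 it" >&2
        return 1
    fi
    # netrc is a whitespace-separated token stream, so tokenise the whole
    # file and track which "machine" block each login/password belongs to.
    awk -v host="$nh" '
        { for (i = 1; i <= NF; i++) tok[++n] = $i }
        END {
            for (i = 1; i <= n; i++) {
                if (tok[i] == "machine")      { cur = tok[i + 1]; i++ }
                else if (tok[i] == "default") { cur = "" }
                else if (cur == host && tok[i] == "login")    { l = 1; i++ }
                else if (cur == host && tok[i] == "password") { p = 1; i++ }
            }
            exit !(l && p)
        }' "$nf" || { echo "netrc: no complete entry for $nh" >&2; return 1; }
}

# es_get PATH
# GET a path from the local node. Assumption: ES_CA points at the CA
# certificate that signed the node's HTTP certificate, so curl can verify
# TLS with --cacert rather than skipping verification with -k.
es_get() {
    netrc=${ES_NETRC:-$HOME/.netrc}
    check_netrc "$netrc" localhost || return 1
    curl -s --netrc-file "$netrc" --cacert "$ES_CA" \
        -X GET "https://localhost:9200$1"
}
```

With the functions sourced, `es_get '/_cat/master?v'` runs the same query as the page's "Who is master" command, but refuses to send credentials from a group- or world-readable file.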
Count entries in index
GET /<index>/_count
Get latest content from indices.
curl -n -sk -X GET "https://localhost:9200/<index>/_search" -H 'Content-Type: application/json' -d'{
  "size": 1,
  "sort": [
    { "@timestamp": { "order": "desc" } }
  ]
}'
Stats of elasticsearch
curl -n -sk -X GET "https://localhost:9200/_nodes/stats/jvm?pretty"
Who is master
curl -n -sk -X GET "https://localhost:9200/_cat/master?v"
Are we recovering
curl -n -sk -X GET "https://localhost:9200/_cat/recovery?active_only=true"
List indices by size
curl -n -sk -X GET "https://localhost:9200/_cat/indices?v&bytes=b&s=store.size:desc"
View 5 log entries from the biggest index
curl -n -X GET "https://localhost:9200/<index>/_search?size=5&pretty"
Search for a string in the log entries of the biggest index.
curl -n -X GET "https://localhost:9200/.ds-logs-system.syslog-default-2022.08.22-000006/_search?pretty" -H 'Content-Type: application/json' -d'{
  "query": {
    "match": {
      "message": "<string>"
    }
  }
}' | jq -r '.hits.hits[]._source.message'
List snapshot setup
curl -n -sk -X GET "https://localhost:9200/_snapshot?pretty"
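Remove all indices. The loop prints the DELETE command for each index so it can be reviewed; nothing is deleted until the printed commands are run.
curl -n -sk -X GET "https://localhost:9200/_cat/indices?h=index&s=store.size:desc" | while read -r INDEX ; do
  echo '*' "${INDEX}"
  echo curl -n -sk -X DELETE "https://localhost:9200/${INDEX}"
done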